Google Git
Sign in
skia / third_party / libpng / 6d5f00571da282f65c4f840bff4b43eca27c489f^! / .
commit6d5f00571da282f65c4f840bff4b43eca27c489f[log] [tgz]
authorGlenn Randers-Pehrson <glennrp at users.sourceforge.net>Thu Jan 07 09:24:56 2016 -0600
committerGlenn Randers-Pehrson <glennrp at users.sourceforge.net>Thu Jan 07 09:24:56 2016 -0600
treea44c611359053d4b17e74c0f1c2f4af2096faaf8
parent4705951df1787bd587a4e36a84f9a9daefc7255d [diff]
[libpng17] Fixed new Coverity defect, potential NULL dereference of "ps"

in pngwutil.c; Added temporary workaround for Coverity "Dead code" defect.

diff --git a/ANNOUNCE b/ANNOUNCE
index 4e1ed53..0fdd45a 100644
--- a/ANNOUNCE
+++ b/ANNOUNCE

@@ -1,5 +1,5 @@
 
-Libpng 1.7.0beta76 - January 6, 2016
+Libpng 1.7.0beta76 - January 7, 2016
 
 This is not intended to be a public release.  It will be replaced
 within a few weeks by a public version or by another test version.
@@ -1139,7 +1139,7 @@
     struct; put the check that relies on pz->list being non-NULL
     second (David Drysdale).
 
-Version 1.7.0beta76 [January 6, 2016]
+Version 1.7.0beta76 [January 7, 2016]
   Corrected the options handling. Setting the new, higher, option
     bits triggered the byte check (which is no longer necessary).
   Added NULL pz->list test to png_zlib_compress_validate().  This seems
@@ -1169,6 +1169,8 @@
     Fuzzy Lop, reported by Brian Carpenter.
   Marked 'limit' UNUSED in transform_range_check().  This only affects
     release builds.
+  Fixed new Coverity defect, potential NULL dereference of "ps" in pngwutil.c
+  Added temporary workaround for Coverity "Dead code" defect.
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

diff --git a/CHANGES b/CHANGES
index 0d66a3f..b69d1b4 100644
--- a/CHANGES
+++ b/CHANGES

@@ -5438,7 +5438,7 @@
     struct; put the check that relies on pz->list being non-NULL
     second (David Drysdale).
 
-Version 1.7.0beta76 [January 6, 2016]
+Version 1.7.0beta76 [January 7, 2016]
   Corrected the options handling. Setting the new, higher, option
     bits triggered the byte check (which is no longer necessary).
   Added NULL pz->list test to png_zlib_compress_validate().  This seems
@@ -5468,6 +5468,8 @@
     Fuzzy Lop, reported by Brian Carpenter.
   Marked 'limit' UNUSED in transform_range_check().  This only affects
     release builds.
+  Fixed new Coverity defect, potential NULL dereference of "ps" in pngwutil.c
+  Added temporary workaround for Coverity "Dead code" defect.
 
 Send comments/corrections/commendations to png-mng-implement at lists.sf.net
 (subscription required; visit

diff --git a/pngwutil.c b/pngwutil.c
index b2a0e7e..4190912 100644
--- a/pngwutil.c
+++ b/pngwutil.c

@@ -2258,7 +2258,7 @@
       /* Default both filter_mask and zlib_strategy here, now that png_ptr has
        * all the IHDR fields set.
        */
-      if (ps->filter_mask == PNG_NO_FILTERS/*unset*/)
+      if (ps && ps->filter_mask == PNG_NO_FILTERS/*unset*/)
       {
          /* If there is no filter selection algorithm enabled then the only
           * option is PNG_FILTER_NONE.
@@ -3257,7 +3257,12 @@
                ret = deflate(&zs, flush);
             } while (ret == Z_OK && zs.avail_out == 0U);
 
+#if 0
+            /* TODO: fix this (Coverity issue Z_STREAM_END is dead code) */
             if (ret == (flush == Z_FINISH ? Z_STREAM_END : Z_OK))
+#else
+            if (ret == Z_OK)
+#endif /* 0 */
             {
                /* This cannot underflow because the check above is performed
                 * before adding 'avail_out' to l: